1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
ansible_role_gitea/templates/gitea.ini.j2

313 lines
12 KiB
Text
Raw Normal View History

; this file is the configuration of your local Gitea instance
; {{ ansible_managed }}
2023-10-10 19:30:38 +02:00
;
; This file overwrites the default values from Gitea.
; undefined variables will use the default value from Gitea.
2023-10-10 19:30:38 +02:00
; Cheat Sheet: https://docs.gitea.com/next/administration/config-cheat-sheet/
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet#overall-default
Improve ARM Support (#74) * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Improve support for Vault Encrypted JWT tokens * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * autogenerate JWT_SECRETS (#77) * autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax * Update file permissions for "{{ gitea_home }}" (#75) The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files. This should be done better. And I have done here now. By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me ``` find . -type f -exec chmod a-x {} \+; find . -type f -exec chmod u=rwX {} \+; ``` * Bump cryptography from 3.2 to 3.3.2 (#79) Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * check-variables.yml doesn't exists anymore Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 18:56:31 +01:00
APP_NAME = {{ gitea_app_name }}
2017-01-10 22:09:34 +01:00
RUN_USER = {{ gitea_user }}
RUN_MODE = {{ gitea_run_mode }}
WORK_PATH = {{ gitea_home }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#repository-repository
2017-01-10 22:09:34 +01:00
[repository]
ROOT = {{ gitea_repository_root }}
FORCE_PRIVATE = {{ gitea_force_private | ternary('true', 'false') }}
DEFAULT_PRIVATE = {{ gitea_default_private }}
MAX_CREATION_LIMIT = {{ gitea_user_repo_limit }}
DISABLE_HTTP_GIT = {{ gitea_disable_http_git | ternary('true', 'false') }}
ENABLE_PUSH_CREATE_USER = {{ gitea_enable_push_create_user | ternary('true', 'false') }}
ENABLE_PUSH_CREATE_ORG = {{ gitea_enable_push_create_org | ternary('true', 'false') }}
DISABLED_REPO_UNITS = {{ gitea_disabled_repo_units }}
DEFAULT_REPO_UNITS = {{ gitea_default_repo_units }}
DISABLE_STARS = {{ gitea_disable_stars | ternary('true', 'false') }}
DEFAULT_BRANCH = {{ gitea_default_branch }}
{{ gitea_repository_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/administration/config-cheat-sheet/#repository---upload-repositoryupload
[repository.upload]
ENABLED = {{ gitea_repository_upload_enabled | ternary('true', 'false') }}
TEMP_PATH = {{ gitea_home }}/data/tmp/uploads
FILE_MAX_SIZE = {{ gitea_repository_upload_max_size }}
{{ gitea_repository_upload_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
{% if gitea_enable_repo_signing_options | bool %}
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#repository---signing-repositorysigning
[repository.signing]
SIGNING_KEY = {{ gitea_repo_signing_key }}
SIGNING_NAME = {{ gitea_repo_signing_name }}
SIGNING_EMAIL = {{ gitea_repo_signing_email }}
INITIAL_COMMIT = {{ gitea_repo_initial_commit }}
DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }}
WIKI = {{ gitea_repo_wiki }}
CRUD_ACTIONS = {{ gitea_repo_crud_actions }}
MERGES = {{ gitea_repo_merges }}
{{ gitea_enable_repo_signing_extra }}
2023-10-10 19:30:38 +02:00
;
{% endif %}
2023-10-10 19:30:38 +02:00
;
{% if gitea_enable_cors | bool %}
2023-10-10 19:30:38 +02:00
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#cors-cors
[cors]
ENABLED = {{ gitea_enable_cors | ternary('true', 'false') }}
SCHEME = {{ gitea_cors_scheme }}
ALLOW_DOMAIN = {{ gitea_cors_allow_domain }}
ALLOW_SUBDOMAIN = {{ gitea_cors_allow_subdomain | ternary('true', 'false') }}
METHODS = {{ gitea_cors_methods }}
MAX_AGE = {{ gitea_cors_max_age }}
ALLOW_CREDENTIALS = {{ gitea_cors_allow_credentials | ternary('true', 'false') }}
HEADERS = {{ gitea_cors_headers }}
X_FRAME_OPTIONS = {{ gitea_cors_x_frame_options }}
{{ gitea_cors_extra }}
2023-10-10 19:30:38 +02:00
;
{% endif %}
2023-10-10 19:30:38 +02:00
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#ui-ui
2017-01-10 22:09:34 +01:00
[ui]
THEMES = {{ gitea_themes }}
DEFAULT_THEME = {{ gitea_theme_default }}
SHOW_USER_EMAIL = {{ gitea_show_user_email | ternary('true', 'false') }}
{{ gitea_ui_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
;
[ui.meta]
AUTHOR = {{ gitea_ui_author }}
DESCRIPTION = {{ gitea_ui_description }}
KEYWORDS = {{ gitea_ui_keywords }}
{{ gitea_ui_meta_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#server-server
2017-01-10 22:09:34 +01:00
[server]
APP_DATA_PATH = {{ gitea_home }}/data
PROTOCOL = {{ gitea_protocol }}
DOMAIN = {{ gitea_http_domain }}
ROOT_URL = {{ gitea_root_url }}
HTTP_ADDR = {{ gitea_http_listen }}
HTTP_PORT = {{ gitea_http_port }}
START_SSH_SERVER = {{ gitea_start_ssh | ternary('true', 'false') }}
SSH_DOMAIN = {{ gitea_ssh_domain }}
SSH_PORT = {{ gitea_ssh_port }}
SSH_LISTEN_HOST = {{ gitea_ssh_listen }}
OFFLINE_MODE = {{ gitea_offline_mode | ternary('true', 'false') }}
{% if gitea_enable_tls_certs | bool %}
CERT_FILE = {{ gitea_tls_cert_file }}
KEY_FILE = {{ gitea_tls_key_file }}
{% endif %}
LANDING_PAGE = {{ gitea_landing_page }}
{% if gitea_lfs_server_enabled | bool %}
LFS_START_SERVER = true
LFS_JWT_SECRET = {{ gitea_lfs_jwt_secret }}
{% endif %}
REDIRECT_OTHER_PORT = {{ gitea_redirect_other_port | ternary('true', 'false') }}
PORT_TO_REDIRECT = {{ gitea_port_to_redirect }}
ENABLE_ACME = {{ gitea_enable_acme | ternary('true', 'false') }}
{% if gitea_enable_acme | bool %}
{% if gitea_acme_url != '' %}
ACME_URL = {{ gitea_acme_url }}
{% endif %}
ACME_ACCEPTTOS = {{ gitea_acme_accepttos | ternary('true', 'false') }}
ACME_DIRECTORY = {{ gitea_acme_directory }}
ACME_EMAIL = {{ gitea_acme_email }}
ACME_CA_ROOT = {{ gitea_acme_ca_root }}
{% endif %}
{{ gitea_server_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#database-database
2017-01-10 22:09:34 +01:00
[database]
DB_TYPE = {{ gitea_db_type }}
HOST = {{ gitea_db_host }}
NAME = {{ gitea_db_name }}
USER = {{ gitea_db_user }}
PASSWD = {{ gitea_db_password }}
Improve ARM Support (#74) * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Improve support for Vault Encrypted JWT tokens * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * autogenerate JWT_SECRETS (#77) * autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax * Update file permissions for "{{ gitea_home }}" (#75) The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files. This should be done better. And I have done here now. By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me ``` find . -type f -exec chmod a-x {} \+; find . -type f -exec chmod u=rwX {} \+; ``` * Bump cryptography from 3.2 to 3.3.2 (#79) Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * check-variables.yml doesn't exists anymore Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 18:56:31 +01:00
SSL_MODE = {{ gitea_db_ssl }}
PATH = {{ gitea_db_path }}
LOG_SQL = {{ gitea_db_log_sql | ternary('true', 'false') }}
{{ gitea_database_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#indexer-indexer
[indexer]
ISSUE_INDEXER_PATH = {{ gitea_home }}/indexers/issues.bleve
REPO_INDEXER_ENABLED = {{ gitea_repo_indexer_enabled | ternary('true', 'false') }}
REPO_INDEXER_PATH = {{ gitea_home }}/indexers/repos.bleve
REPO_INDEXER_INCLUDE = {{ gitea_repo_indexer_include }}
REPO_INDEXER_EXCLUDE = {{ gitea_repo_indexer_exclude }}
2021-04-12 00:52:27 +02:00
REPO_INDEXER_EXCLUDE_VENDORED = {{ gitea_repo_exclude_vendored | ternary('true', 'false') }}
MAX_FILE_SIZE = {{ gitea_repo_indexer_max_file_size }}
{{ gitea_indexer_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
2023-01-26 01:18:15 +01:00
; Queue (queue and queue.*)
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#queue-queue-and-queue
2023-01-26 01:18:15 +01:00
[queue.issue_indexer]
DATADIR = {{ gitea_home }}/indexers/issues.queue
{{ gitea_queue_issue_indexer_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#security-security
2017-01-10 22:09:34 +01:00
[security]
INSTALL_LOCK = true
SECRET_KEY = {{ gitea_secret_key }}
DISABLE_GIT_HOOKS = {{ gitea_disable_git_hooks | ternary('true', 'false') }}
DISABLE_WEBHOOKS = {{ gitea_disable_webhooks | ternary('true', 'false') }}
INTERNAL_TOKEN = {{ gitea_internal_token }}
PASSWORD_CHECK_PWN = {{ gitea_password_check_pwn | ternary('true', 'false') }}
{{ gitea_security_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#service-service
2017-01-10 22:09:34 +01:00
[service]
REGISTER_EMAIL_CONFIRM = {{ gitea_register_email_confirm | ternary('true', 'false') }}
DISABLE_REGISTRATION = {{ gitea_disable_registration | ternary('true', 'false') }}
REQUIRE_SIGNIN_VIEW = {{ gitea_require_signin | ternary('true', 'false') }}
ENABLE_NOTIFY_MAIL = {{ gitea_enable_notify_mail | ternary('true', 'false') }}
ENABLE_CAPTCHA = {{ gitea_enable_captcha | ternary('true', 'false') }}
DEFAULT_KEEP_EMAIL_PRIVATE = {{ gitea_default_keep_mail_private | ternary('true', 'false') }}
SHOW_REGISTRATION_BUTTON = {{ gitea_show_registration_button | ternary('true', 'false') }}
AUTO_WATCH_NEW_REPOS = {{ gitea_auto_watch_new_repos | ternary('true', 'false') }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_only_allow_external_registration | ternary('true', 'false') }}
AUTO_WATCH_ON_CHANGES = {{ gitea_autowatch_on_change | ternary('true', 'false') }}
SHOW_MILESTONES_DASHBOARD_PAGE = {{ gitea_show_milestones_dashboard_page | ternary('true', 'false') }}
REGISTER_MANUAL_CONFIRM = {{ gitea_register_manual_confirm | ternary('true', 'false') }}
DEFAULT_ALLOW_CREATE_ORGANIZATION = {{ gitea_default_allow_create_organization | ternary('true', 'false') }}
DEFAULT_USER_IS_RESTRICTED = {{ gitea_default_user_is_restricted | ternary('true', 'false') }}
{% if gitea_email_domain_allowlist is defined and gitea_email_domain_allowlist | length %}
EMAIL_DOMAIN_ALLOWLIST = {{ gitea_email_domain_allowlist }}
{% endif %}
DEFAULT_USER_VISIBILITY = {{ gitea_default_user_visibility }}
DEFAULT_ORG_VISIBILITY = {{ gitea_default_org_visibility }}
ALLOW_ONLY_INTERNAL_REGISTRATION = {{ gitea_allow_only_internal_registration | ternary('true', 'false') }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ gitea_allow_only_external_registration | ternary('true', 'false') }}
{{ gitea_service_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#mailer-mailer
2017-01-10 22:09:34 +01:00
[mailer]
ENABLED = {{ gitea_mailer_enabled | ternary('true', 'false') }}
{% if gitea_mailer_enabled | bool %}
{% if gitea_mailer_use_client_cert | bool %}
CLIENT_CERT_FILE = {{ gitea_mailer_client_cert_file }}
CLIENT_KEY_FILE = {{ gitea_mailer_client_key_file }}
{% endif %}
PROTOCOL = {{ gitea_mailer_protocol }}
SMTP_ADDR = {{ gitea_mailer_smtp_addr }}
SMTP_PORT = {{ gitea_mailer_smtp_port }}
USE_CLIENT_CERT = {{ gitea_mailer_use_client_cert | ternary('true', 'false') }}
FORCE_TRUST_SERVER_CERT = {{ gitea_mailer_force_trust_server_cert | ternary('true', 'false') }}
USER = {{ gitea_mailer_user }}
PASSWD = {{ gitea_mailer_password }}
ENABLE_HELO = {{ gitea_mailer_enable_helo | ternary('true', 'false') }}
FROM = {{ gitea_mailer_from }}
SUBJECT_PREFIX = {{ gitea_subject_prefix }}
SEND_AS_PLAIN_TEXT = {{ gitea_mailer_send_as_plaintext | ternary('true', 'false') }}
{{ gitea_mailer_extra_config }}
2023-10-10 19:30:38 +02:00
;
{% endif %}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#session-session
2017-01-10 22:09:34 +01:00
[session]
PROVIDER = {{ gitea_session_provider }}
Improve ARM Support (#74) * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Improve support for Vault Encrypted JWT tokens * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * autogenerate JWT_SECRETS (#77) * autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax * Update file permissions for "{{ gitea_home }}" (#75) The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files. This should be done better. And I have done here now. By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me ``` find . -type f -exec chmod a-x {} \+; find . -type f -exec chmod u=rwX {} \+; ``` * Bump cryptography from 3.2 to 3.3.2 (#79) Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * check-variables.yml doesn't exists anymore Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 18:56:31 +01:00
PROVIDER_CONFIG = {{ gitea_home }}/data/sessions
{{ gitea_session_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#picture-picture
2017-01-10 22:09:34 +01:00
[picture]
Improve ARM Support (#74) * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Improve support for Vault Encrypted JWT tokens * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * autogenerate JWT_SECRETS (#77) * autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax * Update file permissions for "{{ gitea_home }}" (#75) The file permissions for {{ gitea_home }} especially in conjunction with the recurse: true flag are on closer inspection very open to all and also have a +x set on files. This should be done better. And I have done here now. By the way: To improve the -x on normal files in his gitea installation this shell command was useful for me ``` find . -type f -exec chmod a-x {} \+; find . -type f -exec chmod u=rwX {} \+; ``` * Bump cryptography from 3.2 to 3.3.2 (#79) Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/3.2...3.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Gitea user should be a system user * Improve installation system * Download archive instead of binary * Add checksum validation * Add GPG check * Add backup process before upgrading * Improve ARM support * Fix spacing in gitea configuration template When Gitea rewrite the configuration file (e.g.: the JWT token is not set or doesn't fit their criteria), it'll align space on a per-section basis in the .ini file. If the template is not properly spaced, at the next Ansible run, you'll have an enormous diff, hidding what the real changes are. * add proper redhat/debian deps for molecule testing * Gitea group should be a system group * fix linting for CI * Update CI and meta information for up-to-date tests and distros * molecule: fix typo for redhat packages * fix typo * bump gitea version to 1.13.1 * Use Ubuntu keyservers to play nicely with everyone * Update minimum required ansible version to 2.9.8 This is required for Ubuntu Focal, which comes with systemd >= 245 The Get Facts modules doesn't work well with it before the bugfix introduced in 2.9.8 * Replace yes by True to please the linting * Truthy values needs to be lower-case * bump gitea version to 1.13.2 * perform gitea dump as gitea user * need to set become to yes * check-variables.yml doesn't exists anymore Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 18:56:31 +01:00
AVATAR_UPLOAD_PATH = {{ gitea_home }}/data/avatars
{{ gitea_picture_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#issue-and-pull-request-attachments-attachment
2017-01-10 22:09:34 +01:00
[attachment]
ENABLED = {{ gitea_attachment_enabled | ternary('true', 'false') }}
ALLOWED_TYPES = {{ gitea_attachment_types }}
MAX_SIZE = {{ gitea_attachment_max_size }}
PATH = {{ gitea_home }}/data/attachments
{{ gitea_attachment_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#log-log
2017-01-10 22:09:34 +01:00
[log]
ROOT_PATH = {{ gitea_home }}/log
{% if gitea_log_systemd %}
MODE = console
{% else %}
MODE = file
{% endif %}
LEVEL = {{ gitea_log_level }}
{{ gitea_log_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#metrics-metrics
2021-03-22 00:17:13 +01:00
[metrics]
2021-04-12 00:49:03 +02:00
ENABLED = {{ gitea_metrics_enabled | ternary('true', 'false') }}
TOKEN = {{ gitea_metrics_token }}
{{ gitea_metrics_extra }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#oauth2-oauth2
2019-12-21 14:18:58 +01:00
[oauth2]
ENABLED = {{ gitea_oauth2_enabled | ternary('true', 'false') }}
2019-12-21 14:18:58 +01:00
JWT_SECRET = {{ gitea_oauth2_jwt_secret }}
{{ gitea_oauth2_extra_config }}
2023-10-10 19:30:38 +02:00
;
;
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#federation-federation
2023-01-26 02:17:53 +01:00
[federation]
ENABLED = {{ gitea_federation_enabled | ternary('true', 'false') }}
2023-01-26 02:17:53 +01:00
SHARE_USER_STATISTICS = {{ gitea_federation_share_user_stats | ternary('true', 'false') }}
{{ gitea_federation_extra }}
2023-10-10 19:30:38 +02:00
;
;
2023-01-26 02:53:50 +01:00
; Packages (packages)
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#packages-packages
2023-01-26 02:53:50 +01:00
[packages]
ENABLED = {{ gitea_packages_enabled | ternary('true', 'false') }}
{% if gitea_packages_enabled | bool %}
2023-01-26 02:53:50 +01:00
CHUNKED_UPLOAD_PATH = {{ gitea_home }}/data/tmp/package-upload
{{ gitea_packages_extra }}
{% endif %}
2023-10-10 19:30:38 +02:00
;
;
{% if gitea_lfs_server_enabled | bool %}
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#lfs-lfs
2023-01-26 02:53:50 +01:00
[lfs]
STORAGE_TYPE = {{ gitea_lfs_storage_type }}
SERVE_DIRECT = {{ gitea_lfs_serve_direct | ternary('true', 'false') }}
PATH = {{ gitea_lfs_content_path }}
{{ gitea_lfs_extra }}
{% endif %}
2023-10-10 19:30:38 +02:00
;
;
{% if gitea_actions_enabled | bool %}
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#actions-actions
[actions]
ENABLED = {{ gitea_actions_enabled }}
DEFAULT_ACTIONS_URL = {{ gitea_actions_default_actions_url }}
{{ gitea_actions_extra }}
{% endif %}
2023-10-10 19:30:38 +02:00
;
;
2023-01-26 02:53:50 +01:00
; Other (other)
2023-10-10 19:30:38 +02:00
; -> https://docs.gitea.com/next/administration/config-cheat-sheet/#other-other
2023-01-26 02:53:50 +01:00
[other]
SHOW_FOOTER_VERSION = {{ gitea_other_show_footer_version | ternary('true', 'false') }}
2023-01-26 02:53:50 +01:00
SHOW_FOOTER_TEMPLATE_LOAD_TIME = {{ gitea_other_show_footer_template_load_time | ternary('true', 'false') }}
ENABLE_SITEMAP = {{ gitea_other_enable_sitemap | ternary('true', 'false') }}
ENABLE_FEED = {{ gitea_other_enable_feed | ternary('true', 'false') }}
;
;
;
2021-03-22 00:17:13 +01:00
; Optional additional config
{{ gitea_extra_config }}